1fe440e3851d27fb3353648a3289a4fe7ab36401253f697c698f90d8f970c99b

Sharing

Copy URL Twitter E-mail

General

Target

1fe440e3851d27fb3353648a3289a4fe7ab36401253f697c698f90d8f970c99b
Size

142KB
MD5

805cbea4cc20e17a99ee30f76ebad7d0
SHA1

241c40143bdebca272154b3947ddbc4aaac8f89a
SHA256

1fe440e3851d27fb3353648a3289a4fe7ab36401253f697c698f90d8f970c99b
SHA512

0595150c670698b8f74e2d2639596d67cab542377cc0fa5b4938f62ff72044a989e3e89c15722d6bba468a39c2512df7758ec1ac7c58bea2318338c0152083b2
SSDEEP

3072:SFqDRzwQdRE1iX/Z9KciAULX7IC6utc4QKZq/He4R48RaXst2/m3/o3:fFwsBXDULLIC6uyqwfeQpAS/y

Score

N/A

Malware Config

Signatures

Files

1fe440e3851d27fb3353648a3289a4fe7ab36401253f697c698f90d8f970c99b
.exe windows x86

98eca88b54565fac2eeae930554e0c9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscat32

CryptCATCDFEnumAttributes
MsCatFreeHashTag
CryptCATAdminReleaseCatalogContext
CryptCATGetCatAttrInfo
CryptCATAdminEnumCatalogFromHash
CryptCATOpen
CryptCATCDFEnumMembersByCDFTagEx
CryptCATCDFEnumAttributesWithCDFTag
CryptCATStoreFromHandle

msvcirt

?rdbuf@ifstream@@QBEPAVfilebuf@@XZ
??6ostream@@QAEAAV0@PBE@Z
?xalloc@ios@@SAHXZ
?ends@@YAAAVostream@@AAV1@@Z
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?setf@ios@@QAEJJJ@Z
?ipfx@istream@@QAEHH@Z
?fd@ifstream@@QBEHXZ
??_Diostream@@QAEXXZ
?get@istream@@QAEAAV1@PACHD@Z
?setmode@ifstream@@QAEHH@Z
??_Dostream@@QAEXXZ
?bad@ios@@QBEHXZ
??_Gistream@@UAEPAXI@Z
?sh_read@filebuf@@2HB
?str@strstreambuf@@QAEPADXZ
?sync@istream@@QAEHXZ
??0ostream_withassign@@QAE@ABV0@@Z
?hex@@YAAAVios@@AAV1@@Z
?write@ostream@@QAEAAV1@PBDH@Z
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
?flush@ostream@@QAEAAV1@XZ
??_Dofstream@@QAEXXZ
?fill@ios@@QAEDD@Z
??0streambuf@@IAE@PADH@Z
??0ofstream@@QAE@PBDHH@Z
??_8ostrstream@@7B@
??_Estreambuf@@UAEPAXI@Z
??1exception@@UAE@XZ
?unbuffered@streambuf@@IBEHXZ

regapi

RegWinStationEnumerateW
RegFreeUtilityCommandList
RegWinStationQueryA
RegWinStationSetSecurityW
RegGetMachinePolicy
RegWinStationQueryW
RegConsoleShadowQueryW
RegBuildNumberQuery
RegWdDeleteA
RegPdCreateA
RegPdEnumerateA
RegWinStationAccessCheck
RegWdEnumerateA
RegWinStationSetSecurityA
RegIsMachinePolicyAllowHelp
RegWinStationDeleteA
RegOpenServerA
RegOpenServerW
RegGetMachinePolicyEx
RegIsTServer
RegWdCreateA
RegWinStationCreateA
RegPdCreateW
RegPdDeleteA
WaitForTSConnectionsPolicyChanges
RegCdDeleteW
RegCloseServer
RegWinStationCreateW
RegGetTServerVersion
RegDenyTSConnectionsPolicy

serialui

drvSetDefaultCommConfigA
drvSetDefaultCommConfigW
drvCommConfigDialogA
drvGetDefaultCommConfigA
drvGetDefaultCommConfigW
drvCommConfigDialogW

kernel32

SetMailslotInfo
RemoveDirectoryA
GlobalGetAtomNameA
CreateSemaphoreA
GetSystemWow64DirectoryA
SetFileAttributesA
FreeLibrary
GetTimeZoneInformation
ReadConsoleOutputAttribute
EnumSystemLanguageGroupsA
BeginUpdateResourceA
GetVolumePathNameA
SetFileShortNameW
GlobalAlloc
GetConsoleInputExeNameA
MapViewOfFile
LoadLibraryW
GetThreadPriority
SetConsoleMenuClose
InitializeSListHead
OutputDebugStringW
EnumDateFormatsA
AddRefActCtx
GetCommMask

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98eca88b54565fac2eeae930554e0c9e

Headers

File Characteristics

Imports

mscat32

msvcirt

regapi

serialui

kernel32

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 2KB - Virtual size: 1KB